Pages

Thursday, July 07, 2016

Privacy - InMobi Pays $1M In Penalties

image credit: WDnet Agency, pexels.com

In 2015 I had written a series of articles on the e-commerce battle
between Flipkart and Amazon, one of which focused on why companies are
so obsessed with apps Mobile Apps: There’s Something (Profitable) About Your Privacy.
Now it turns out that InMobi has agreed to pay a US$950,000 in civil penalties to "settle charges it violated federal law." InMobi is described by the US Federal Trade Commission complaint thus: "describes
itself as the “world’s largest independent mobile advertising company.”
In February 2015, Defendant reported its advertising network had
reached over one billion unique mobile devices, with 19% of those
devices located in North America, and had served 6 billion ad requests
per day."
According to the FTC complaint [bold emphasis mine], "Even if the consumer had restricted an application’s access to the location API, until December 2015, Defendant still tracked the consumer’s location and, in many instances, served geo-targeted ads,
by collecting information about the WiFi networks that the consumer’s
device connected to or that were in-range of the consumer’s device. "

Worse, since the InMobi SDK was used by third-party app developers
to integrate within their apps and serve targeted ads to children, the
FTC charged that InMobi had also violated the Children's Online Privacy Protection Act Rule (COPPA) of 1998.
In my 2015 article I had written about other notable privacy violations:
In 2012, before its IPO, JustDial’s app was removed from the Google Play Store. It was alleged that the updated version of the JustDial app
had “started retrieving and storing the user’s entire phone book,
without a warning or disclaimer.” Thereafter, JustDial’s mobile “Terms and Conditions”
were updated to include the following line: “You hereby give your
express consent to Justdial to access your contact list and/or address
book for mobile phone numbers in order to provide and use the Service.”
In 2013, US-based social networking app Path was caught
as it “secretly copied all its users’ iPhone address books to its
private servers.” Action was swift. The FTC investigated and reached a
settlement with Path, which required
“Path, Inc. to establish a comprehensive privacy program and to obtain
independent privacy assessments every other year for the next 20 years.
The company also will pay $800,000 to settle charges that it illegally
collected personal information from children without their parents’
consent.” In the US,
a person’s address book “is protected under the First Amendment.” When
the controversy erupted, it was also reported that “A person’s contacts
are so sensitive that Alec Ross, a senior adviser on innovation to
Secretary of State Hillary Rodham Clinton, said the State Department was
supporting the development of an application that would act as a “panic
button” on a smartphone, enabling people to erase all contacts with one
click if they are arrested during a protest.” Of course, politics is
not without its dose of de-rigueur dose of irony. That dose was
delivered in 2015 when it emerged that Hillary Clinton had maintained a
private email account even as she was Secretary of State in the Barack
Obama presidency and refused to turn over those emails.
Privacy protection is an area that needs urgent attention from
India's regulatory authorities. What the Indian telecom regulator, the Telecom Regulatory Authority of India,
is doing remains a matter of speculation, unfortunately. Its flip-flops
over the last one year on Net Neutrality do not inspire much confidence
either.